General
-
Target
Built.exe
-
Size
6.9MB
-
Sample
241030-rg5hfawpbq
-
MD5
a794e4a754219f34faf2b57d864acc0f
-
SHA1
1e1b51db3a0577af9ad39de50b5af5c700548b3c
-
SHA256
48851c438b38f3217d89d0ea193a23f983546fdded868a84f17710f4c8a0ebeb
-
SHA512
dea08564daf378f01507e5a5c5f2810118857b9e4dc1f26f4229cd729483d00ca4a12e1c002abedd79735960edb8fe51dae4a511ec7939c3e5fb99d5b70135da
-
SSDEEP
98304:lVpRDjWM8JEE1FFggJuamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYRJJcK:FR0rVJ3eNTfm/pf+xk4dWRpmrbW3jmrr
Malware Config
Targets
-
-
Target
Built.exe
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.